package com.example.zqathserver.controller;


import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;

import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

@RestController
@RequestMapping("/idp1/oauth2")
public class OAuth2Controller {
    private String clientId = "client_id";
    private String clientSecret = "client_secret";

    @PostMapping("/getToken")
    public ResponseEntity<Map<String, Object>> getToken(@RequestParam(value = "client_id",required = false) String clientId, @RequestParam(value = "client_secret",required = false) String clientSecret, @RequestParam(value = "code",required = false) String code, @RequestParam(value = "grant_type",required = false,defaultValue = "authorization_code") String grantType) {
        System.out.println("getToken");

        Map<String, Object> response = new HashMap<>();

        // 验证参数完整性
        if (clientId == null || clientId.isEmpty()) {
            response.put("errcode", "1001");
            response.put("msg", "缺少参数client_id");
            return ResponseEntity.badRequest().body(response);
        }
        if (clientSecret == null || clientSecret.isEmpty()) {
            response.put("errcode", "1008");
            response.put("msg", "缺少参数client_secret");
            return ResponseEntity.badRequest().body(response);
        }
        if (code == null || code.isEmpty()) {
            response.put("errcode", "1009");
            response.put("msg", "缺少参数code");
            return ResponseEntity.badRequest().body(response);
        }
        if (grantType == null || !grantType.equals("authorization_code")) {
            response.put("errcode", "1010");
            response.put("msg", "缺少参数grant_type或grant_type非法");
            return ResponseEntity.badRequest().body(response);
        }

        // 验证 client_id 和 client_secret 的合法性
        if (!this.clientId.equals(clientId)) {
            response.put("errcode", "1005");
            response.put("msg", "参数client_id非法");
            return ResponseEntity.badRequest().body(response);
        }
        if (!this.clientSecret.equals(clientSecret)) {
            response.put("errcode", "1012");
            response.put("msg", "参数client_secret非法");
            return ResponseEntity.badRequest().body(response);
        }


        // 返回正确的 token 信息
        response.put("access_token", "skiew234i3i4o6uy77b4k3b3v2j1vv53j");
        response.put("expires_in", 1500);
        response.put("refresh_token", "iewoer233422i34o2i34uio55iojhg6g");
        response.put("uid", "admin");

        return ResponseEntity.ok(response);
    }

    @GetMapping("/getUserInfo")
    public ResponseEntity<Map<String, Object>> getUserInfo(@RequestParam String access_token,
                                                           @RequestParam String client_id) {
        System.out.println("getUserInfo");
        Map<String, Object> response = new HashMap<>();

        // 验证参数的有效性
        if (client_id == null || client_id.isEmpty()) {
            response.put("errcode", "1001");
            response.put("msg", "缺少参数client_id");
            return ResponseEntity.badRequest().body(response);
        }

        if (access_token == null || access_token.isEmpty()) {
            response.put("errcode", "2001");
            response.put("msg", "缺少参数access_token");
            return ResponseEntity.badRequest().body(response);
        }

        // 验证 client_id 和 access_token 的合法性
        if (!this.clientId.equals(client_id)) {
            response.put("errcode", "1005");
            response.put("msg", "参数client_id非法");
            return ResponseEntity.badRequest().body(response);
        }

        // 模拟查询返回的用户信息
        Map<String, Object> data = new HashMap<>();
        data.put("tokenId", "MTI3LjAuMC4x|ZjdkNzc5Zjc4ZDkxZWZiMjUw...");
        Map<String, Object> attributes = new HashMap<>();
        attributes.put("country", null);
        attributes.put("updateDate", "2020-05-14 22:43:48");
        attributes.put("mail", "cs@qq.com");
        attributes.put("gender", 1);
        attributes.put("displayName", "测试");
        attributes.put("title", "职员");
        attributes.put("uid", "20200514024235892-DBEF-5739613F0");
        attributes.put("spRoleList", Arrays.asList("hyf"));
        data.put("attributes", attributes);

        // 如果 spRoleList 为空，则说明无访问权限
        List<String> spRoleList = (List<String>) attributes.get("spRoleList");
        if (spRoleList == null || spRoleList.isEmpty()) {
            response.put("errcode", "2007");
            response.put("msg", "该用户无访问权限");
            return ResponseEntity.status(HttpStatus.FORBIDDEN).body(response);
        }

        // 正常返回用户信息
        response.put("data", data);
        response.put("userName", "pxx-jiaxintest1"); // pxx-jiaxintest
        return ResponseEntity.ok(response);
    }

    // 模拟数据库查询用户信息
    private Map<String, Object> getUserInfoFromDatabase(String accessToken) {
        // 实际上你需要根据 access_token 查询数据库或调用其他服务
        // 这里是一个简单的模拟
        if ("validAccessToken".equals(accessToken)) {
            Map<String, Object> userInfo = new HashMap<>();
            userInfo.put("uid", "20200514024235892-DBEF-5739613F0");
            return userInfo;
        }
        return null;
    }


}


